Update Windows setup (#15596)

- Update instructions for buying a license. You need a license to
connect Fleet to Azure AD

articles/windows-mdm-setup.md

@@ -10,7 +10,7 @@ Turning on Windows MDM features requires configuring Fleet with a certificate an
 
 Automatic enrollment allows Windows workstations to automatically enroll to Fleet when they are first set up. Automatic enrollment requires Microsoft Azure Active Directory (aka Microsoft Entra). This guide will walk you through how to connect Azure AD to Fleet. 
 
-With Fleet connected to Azure AD, the end user will see Microsoft's default setup experience. You can further customize the initial setup with Windows Autopilot, which is similar to Apple's Automated Device Enrollment (DEP). Autopilot requires a Microsoft Intune license. This guide will also walk you through how to customize the intitial setup with Autopilot.
+With Fleet connected to Azure AD, the end user will see Microsoft's default setup experience. You can further customize the initial setup with Windows Autopilot, which is similar to Apple's Automated Device Enrollment (DEP).
 
 ## Requirements
 To use Fleet's Windows MDM features you need to have:
@@ -86,15 +86,37 @@ By connecting Fleet to Azure AD, Windows workstations can automatically enroll t
 
 This section will guide you through how to:
 
-1. Connect Fleet to Azure AD
+1. Buy a Microsoft license.
 
-2. Test automatic enrollment
+2. Connect Fleet to Azure AD
 
-### Step 1: connect Fleet to Azure AD
+3. Test automatic enrollment
+
+### Step 1: buy a Microsoft license
+
+1. Sign in to [Microsoft 365 admin center](https://admin.microsoft.com/).
+
+2. In the left-side bar select **Marketplace**.
+
+3. On the **Marketplace** page, select **All products** and in the search bar below **All products** enter "Enterprise Mobility + Security E3".
+
+4. Find **Enterprise Mobility + Security E3** and select **Details**
+
+5. On the **Enterprise Mobility + Security E3** page, select **Buy** and follow instructions to purchase the license. 
+
+6. Sign in to [Azure portal](https://portal.azure.com).
+
+7. At the top of the page search "Users" and select **Users**.
+
+8. Select or create your user and select **Licenses**.
+
+9. Select **+ Assignments** and assign the **Enterprise Mobility + Security E3** to this user.
+
+### Step 2: connect Fleet to Azure AD
 
 For instructions on how to connect Fleet to Azure AD, in the Fleet UI, select the avatar on the right side of the top navigation and select **Settings > Integrations > Automatic enrollment**. Then, next to **Windows automatic enrollment** select **Details**.
 
-### Step 2: test automatic enrollment
+### Step 3: test automatic enrollment
 
 Testing automatic enrollment requires creating a test user in Azure AD and a freshly wiped or new Windows workstation.
 
@@ -122,39 +144,15 @@ After you connect Fleet to Azure AD, you can customize the Windows setup experie
 
 This section will guide you through how to:
 
-1. Buy a Microsoft Intune license. Microsoft requires this for Autopilot.
+1. Create an Autopilot profile in Intune
 
-2. Create an Autopilot profile in Intune
+2. Register a test workstation with Autopilot
 
-3. Register a test workstation with Autopilot
+3. Upload your organization's logo that end users will see during setup
 
-4. Upload your organization's logo that end users will see during setup
+4. Test Autopilot
 
-5. Test Autopilot
-
-### Step 1: buy a Microsoft Intune license
-
-Autopilot requires at least one Intune license to edit the Autopilot profile.
-
-1. Sign in to [Microsoft 365 admin center](https://admin.microsoft.com/).
-
-2. In the left-side bar select **Marketplace**.
-
-3. On the **Marketplace** page, select **All products** and in the search bar below **All products** enter "Intune".
-
-4. Find **Microsoft Intune Plan 1 Device** and select **Details**
-
-5. On the **Microsoft Intune Plan 1 Device** page, select **Buy** and follow instructions to purchase the license. 
-
-6. Sign in to [Azure portal](https://portal.azure.com).
-
-7. At the top of the page search "Users" and select **Users**.
-
-8. Select or create your Intune admin user and select **Licenses**.
-
-9. Select **+ Assignments** and assign the **Microsoft Intune Plan 1 Device** to this user.
-
-### Step 2: create an Autopilot profile
+### Step 1: create an Autopilot profile
 
 1. Sign in to [Microsoft Intune](https://endpoint.microsoft.com/) using the Intune admin user from step 1.
 
@@ -162,7 +160,7 @@ Autopilot requires at least one Intune license to edit the Autopilot profile.
 
 3. Select **+ Create profile > Windows PC** and follow steps to create an Autopilot profile. On the **Assignments** step, select **+ Add all devices**.
 
-### Step 3: register a test workstation
+### Step 2: register a test workstation
 
 1. Open your test workstation and follow these [Microsoft instructions](https://learn.microsoft.com/en-us/autopilot/add-devices#desktop-hash-export) to export your workstations's device hash as a CSV. The CSV should look something like `DeviceHash_DESKTOP-2V08FUI.csv`
 
@@ -172,7 +170,7 @@ Autopilot requires at least one Intune license to edit the Autopilot profile.
 
 4. After Intune finishes the import, refresh the **Windows Autopilot devices** page several times to confirm that your workstation is registered with Autopilot.
 
-### Step 4: upload your organization's logo
+### Step 3: upload your organization's logo
 
 1. Navigate to [Azure portal](https://portal.azure.com).
 
@@ -184,7 +182,7 @@ Autopilot requires at least one Intune license to edit the Autopilot profile.
 
 5. In the bottom bar, select **Review + Save** and then **Save**.
 
-### Step 5: test Autopilot
+### Step 4: test Autopilot
 
 1. Wipe your test workstation.